Cisco Cisco Packet Data Interworking Function (PDIF) Prospecto
Crypto Map IKEv2-IPv4 Configuration Mode Commands
▀ ocsp
▄ Cisco ASR 5x00 Command Line Interface Reference
2728
ocsp
Enables use of Online Certificate Status Protocol (OCSP) from a crypto template. OCSP provides a facility to obtain
timely information on the status of a certificate.
timely information on the status of a certificate.
Product
All products supporting IPSec
Important:
This command appears in the CLI for this release. However, it has not been qualified for use with
any current Cisco StarOS gateway products.
Privilege
Security Administrator
Syntax
ocsp [ nonce | responder-address ipV4_address [ port port_value ] ]
no ocsp [ nonce | responder-address [ port ] ]
default ocsp [ nonce ]
no
Disables the use of OCSP.
default
Sets / Restores default value assigned for ocsp nonce.
nonce
Enables sending nonce (unique identifier) in OCSP requests.
responder-address ipV4_address
Configures the OCSP responder address(IPv4), used when absent in peer (device) certificate.
IPv4_address
is an IPv4 address specified in dotted decimal format.
port port_value
Configures the port for OCSP responder.
port_value
is an integer value between 1 and 65535. The default port is 8889.
Usage
This command enables the use of Online Certificate Protocol (OCSP) from a crypto map/template. OCSP
provides a facility to obtain timely information on the status of a certificate.
OCSP messages are exchanged between a gateway and an OCSP responder during a certificate transaction.
The responder immediately provides the status of the presented certificate. The status can be good, revoked or
unknown. The gateway can then proceed based on the response.
provides a facility to obtain timely information on the status of a certificate.
OCSP messages are exchanged between a gateway and an OCSP responder during a certificate transaction.
The responder immediately provides the status of the presented certificate. The status can be good, revoked or
unknown. The gateway can then proceed based on the response.
Example